General

  • Target

    3356-146-0x0000000000400000-0x000000000043C000-memory.dmp

  • Size

    240KB

  • MD5

    e40e401b587728bc88a25afae6f75446

  • SHA1

    71c8c25dc8f68c9e7ba03466c1ecdbed452f2376

  • SHA256

    7ccec3e03e6f299b6c396392b7b2b3a9c6cbe8322b88dea38051c8b20c6ed985

  • SHA512

    1c4b8cbf772e55c2bda14f54f422696aab82d64d15ad2960cd809203134121910bcc47a7d456488a652da825c77a55227f8f939d27faacae7a1ea8a5c4995c5e

  • SSDEEP

    3072:2rmKT2Z+eEknskv9lvqeIWRpPOUsq6GZpobiGUxVbvlvcwCPcx2EUQe6rY/KGR:2C8eT3Z0Uj6ORG6VblvThjUQvrMKG

Score
10/10

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:
    smtp
  • Host:
    smtp.yandex.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    marcellinus360

Signatures

  • Agenttesla family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3356-146-0x0000000000400000-0x000000000043C000-memory.dmp
    .exe windows x86